Every time I start firefox, it wants server rights on my firewall. I’m not sure why web browsers would need to accept unsolicited connections, so I figure denying it would be the more secure thing to do. Is there anything I might be missing out on or creating a problem with by doing this?
It’s not anything in Firefox itself, as far as I can tell. I just checked my ZoneAlarm logs and FF has never requested server rights. It may be one of your extensions.
Good question; I’ve often wondered myself, because I sometimes experience the same thing with FF, although only occasionally. I used to deny permissiion and it didn’t seem to make any difference, but after checking with the official Mozillazine Knowledge Base on Instructions for Firewalls I found that permission should be set to allow FF to act as server for correct functionality.
Why this should be I have no idea but I trust the Mozilla people so I’ve set permissions accordingly now.
BTW here’s the relevant passage from the KB page (it’s under the instructions for the EZtrust firewall but I assume it applies to all):
“Look for your internet program (e.g. “Mozilla” or “Firefox”) and ensure that the permissions under ‘Access’ and ‘Server’ have a green check mark (allow).”
Are you asking why Firefox needs to allow an incoming connection from the Internet?
I haven’t used Firefox much, so I’m not sure if this is a valid reason, but here’s what I found on search:
http://kb.mozillazine.org/SSL_is_disabled
“Firefox and Mozilla Suite use a loopback connection which is required for SSL. Check your firewall settings to make sure you have not blocked incoming connections to Firefox or Mozilla Suite.”
I recall now that I asked about the reason for this on the Firefox forums a couple of years ago.
Here’s the page the Moderator linked to in reply, the relevant passage being:
“A loopback connection for communication between the browser core and the SSL module on non-Unix machines [1]. It’s not recommended this be blocked.”
You’ll notice though that he’s put a question mark after the link so even he’s not sure.
Pipped by Xash!
According to the bug description found from aldiboronti’s link, it appears that the loopback is only to 127.0.0.1 and not to the Internet.
It should be safe to allow Firefox “incoming connection” rights to the Trusted network. You don’t need to give it “incoming connection” rights to the Internet. Just make sure “127.0.0.1” is added to your trusted network list.
Also, according to comments in the bug, it doesn’t seem that blocking it anyway causes any problems.